What Defines Critical Misconfigurations In The Cloud And How Can They Be Avoided
So what constitutes a critical misconfiguration, and how can such misconfigurations be avoided in your own cloud systems? Let’s take a look.
Understanding The Four Types Of Critical Misconfigurations
Broadly speaking, there are four types of critical misconfigurations which must be avoided.
1 – A misconfiguration which can be leveraged to directly breach data.
This is, of course, the most serious misconfiguration of all. If there’s a hole in your system such as an unprotected port or weak authentication for administrative privileges, that could lead to attackers gaining direct access to highly valuable resources. These are the sorts of misconfigurations which can potentially destroy a company, if exploited.
2 – A misconfiguration which can become part of a larger attack.
These can be the trickiest misconfigurations to hunt down, although fortunately they can also be the trickiest to exploit. There are many assets on a network or cloud service which may not directly access protected data, but can allow attackers to gain a foothold. Man-in-the-middle attacks are a good example of this. An attacker compromises one system, then uses that to grab cloud tokens or other credentials which can be used to open up wider access.
3 – A misconfiguration which enables attacks on your cloud assets directly.
These are problems such as poorly-configured firewalls or insufficient Denial-of-Service protection. Attacks of this sort may or may not be about seizing data. Some attackers may simply be trying to disrupt your infrastructure or cause chaos. If the direct attack also happens to grant them access in some way, all the better for them.
4 – A misconfiguration which can allow security to be weakened.
This can follow from any of the other three types of attack: attackers find a way to reach the security controls themselves and “unlock the doors” for their own use while locking everyone else out, as in the Gentoo hack. Most often, however, it happens through stolen credentials or stolen hardware which is considered to be trustworthy.
Tips For Protecting Your Cloud Assets From Critical Misconfigurations
The first and best way to protect your cloud assets from misconfiguration is to have standardized security templates which are fully vetted, applied globally to all affected assets, and audited liberally throughout the year for compliance. In Azure, this means using Azure Resource Manager (ARM) templates to define your resources, and automating Desired State Configuration (DSC) to ensure those templates are applied consistently across all your Azure assets. Both are good practices as part of your cloud configuration management.
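Vetting a template means more than reading it once; the checks should be written down so they can be re-run on every change. The following script is an added example, not code from the original article or from Microsoft. It parses an ARM template (a constructed sample is embedded inline) and flags two of the type-1 misconfigurations described above: a network security group rule that allows inbound management ports (22, 3389) from any source, and a storage account that does not explicitly disable public blob access or explicitly allows non-TLS traffic. The resource types and property names are the real ARM ones; the resource names, the template contents and the `audit_template` function are assumptions made for the example.

```python
"""Audit an ARM template for a few critical misconfigurations (added example)."""
import json

MGMT_PORTS = {22, 3389}                              # SSH and RDP
ANY_SOURCE = {"*", "internet", "0.0.0.0/0", "any"}  # NSG prefixes meaning "everyone"


def _dest_ports(rule_props):
    """Return the set of destination ports a rule covers, or None for the '*' wildcard."""
    ranges = []
    if rule_props.get("destinationPortRange"):
        ranges.append(rule_props["destinationPortRange"])
    ranges.extend(rule_props.get("destinationPortRanges", []))
    ports = set()
    for r in ranges:
        r = str(r).strip()
        if r == "*":
            return None
        if "-" in r:                      # e.g. "1000-2000"
            lo, hi = (int(x) for x in r.split("-", 1))
            ports.update(range(lo, hi + 1))
        else:
            ports.add(int(r))
    return ports


def _sources(rule_props):
    """Collect source prefixes (singular and plural forms), lower-cased."""
    src = []
    if rule_props.get("sourceAddressPrefix"):
        src.append(rule_props["sourceAddressPrefix"])
    src.extend(rule_props.get("sourceAddressPrefixes", []))
    return {str(s).strip().lower() for s in src}


def audit_template(template):
    """Return a list of human-readable findings for the given ARM template dict."""
    findings = []
    for res in template.get("resources", []):
        rtype = res.get("type", "")
        name = res.get("name", "<unnamed>")
        props = res.get("properties", {})

        if rtype == "Microsoft.Network/networkSecurityGroups":
            for rule in props.get("securityRules", []):
                rp = rule.get("properties", {})
                if rp.get("access") != "Allow" or rp.get("direction") != "Inbound":
                    continue
                if not (_sources(rp) & ANY_SOURCE):
                    continue                          # restricted source: acceptable
                ports = _dest_ports(rp)
                exposed = MGMT_PORTS if ports is None else ports & MGMT_PORTS
                if exposed:
                    findings.append(
                        f"{name}/{rule.get('name')}: inbound {sorted(exposed)} allowed from any source"
                    )

        elif rtype == "Microsoft.Storage/storageAccounts":
            # Absence of the property is treated as "not explicitly disabled".
            if props.get("allowBlobPublicAccess", True):
                findings.append(f"{name}: allowBlobPublicAccess is not set to false")
            if props.get("supportsHttpsTrafficOnly") is False:
                findings.append(f"{name}: non-TLS (HTTP) traffic explicitly permitted")
    return findings


# Constructed sample template: one acceptable rule, one bad rule, one bad storage account.
SAMPLE_TEMPLATE_JSON = json.dumps({
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "resources": [
        {
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "nsg-web",
            "properties": {"securityRules": [
                {"name": "allow-https", "properties": {"access": "Allow", "direction": "Inbound",
                 "sourceAddressPrefix": "Internet", "destinationPortRange": "443"}},
                {"name": "allow-ssh-office", "properties": {"access": "Allow", "direction": "Inbound",
                 "sourceAddressPrefix": "203.0.113.0/24", "destinationPortRange": "22"}},
                {"name": "allow-rdp-anywhere", "properties": {"access": "Allow", "direction": "Inbound",
                 "sourceAddressPrefix": "*", "destinationPortRanges": ["3389", "8000-8100"]}},
            ]},
        },
        {
            "type": "Microsoft.Storage/storageAccounts",
            "name": "stbackups",
            "properties": {"allowBlobPublicAccess": True, "supportsHttpsTrafficOnly": True},
        },
    ],
})


def audit_template_text(text):
    """Convenience wrapper: audit a template given as JSON text."""
    return audit_template(json.loads(text))


if __name__ == "__main__":
    for finding in audit_template_text(SAMPLE_TEMPLATE_JSON):
        print("FINDING:", finding)
```

Run the script against each template in your repository as part of review, and re-run it on schedule against templates exported from the live environment, since a resource changed by hand in the portal will not match what the vetted template says.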
However, one should not rely solely on automation and features which were set up months before. Here are a few more tips.
Think like an attacker! Make a sort of game of it, like playing chess against yourself. Put yourself in the role of an attacker trying to compromise your own cloud infrastructure, and look for ways which could enable it to happen. If you can think of novel ways to compromise your security, chances are attackers could think of those ways as well.
Consider an “inside out” paradigm of attacks. It’s easy to think of systems security in real-world physical terms, as though the attackers are trying to breach a castle. This model doesn’t always apply to cloud security. Start from the inside – your critical assets at the center of the network – and work outwards through the layers of security surrounding them looking for holes. To stretch the metaphor, if attackers could parachute directly into your castle’s keep, it doesn’t matter how tall your ramparts are.
Emphasize human security training. It’s basically a fact of life that humans are going to be the weakest link in any security system. Your workforce should have regular training on matters like protecting their personal devices, creating strong/memorable passwords, and recognizing phishing attempts along with other forms of social engineering.
Consider hiring external penetration testers. If you’re tasked with protecting truly mission-critical assets, there are numerous professional security teams which specialize in conducting controlled “live fire” intrusions to test your defenses directly. This isn’t a cheap option, but there’s no better way to understand how good your security really is.